Early Access — Mondoo Vulnerability Intelligence is currently in preview.
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
Exploitability
AV:PAC:LPR:NUI:NScope
S:UImpact
C:HI:HA:H6.8/CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H